reap3r.
Essai gratuit

Data Processing Agreement (DPA)

Last updated: 2026-05-10

1. Parties and Roles

This DPA is entered into between the customer acting as Data Controller and MASSVISION acting as Data Processor for services provided through the Reap3r platform.

2. Subject Matter

The Processor provides multi-tenant RMM/SOC SaaS services, including endpoint telemetry, audit logs, incident timelines, and encrypted secret storage.

3. Categories of Data

  • User account data (name, email, role).
  • Operational telemetry and endpoint metadata.
  • Security events, alerts, and audit trails.
  • Encrypted credentials and secrets stored by customer users.

4. Processing Instructions

Processor processes personal data only on documented instructions from the Controller and solely for service delivery, support, security operations, and legal compliance.

5. Security Measures

  • Encryption in transit (TLS) and encryption at rest where applicable.
  • Tenant isolation controls and role-based access management.
  • MFA support, audit logging, and incident response procedures.
  • Regular patching and vulnerability monitoring.

6. Sub-processors

Authorized sub-processors include:

  • PostgreSQL and Redis infrastructure providers (EU hosting).
  • Stripe for billing operations.
  • SMTP delivery provider for transactional communications.

7. Data Retention

Data is retained according to configured customer retention settings and plan policies. Upon termination, data is deleted or returned within commercially reasonable timelines, unless legal obligations require retention.

8. International Transfers

Primary hosting is in the EU. Any transfer outside the EU/EEA is protected through approved transfer mechanisms (SCCs or adequacy decisions).

9. Data Subject Rights

Processor assists Controller in handling access, rectification, deletion, portability, and objection requests, as required by GDPR.

10. Breach Notification

Processor notifies Controller without undue delay after becoming aware of a personal data breach, and provides available details to support legal notification duties.

11. Audits

Processor provides reasonable information necessary to demonstrate compliance and supports audits under mutually agreed confidentiality and security safeguards.

12. Contact

Privacy and DPA requests: dpo@massvision.io

MASSVISION Reap3r — Plateforme RMM + EDR multi-tenant